CN101599904B - Method and system for virtual dial-up safe access - Google Patents



Publication number
CN101599904B
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN2009101485263A
Other languages
Chinese (zh)
Other versions
CN101599904A (en)
Inventor
何明
金华敏
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Telecom Corp Ltd
Original Assignee
China Telecom Corp Ltd

Landscapes

  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention discloses a method and a system for virtual dial-up secure access. The method comprises the following steps: a user terminal sends an authentication request for Internet access; after the user's authentication request reaches a broadband access server (BAS) in the access network, the BAS forwards it to an authentication, authorization and accounting (AAA) system; the AAA system uses the domain name in the user's authentication request to query a stored correspondence between domain names and access modes and selects the corresponding access mode. If the access mode is ordinary broadband access, the access network handles the user's traffic normally in ordinary broadband access mode after authentication succeeds; if the access mode is secure broadband access, the access network steers and aggregates the traffic of users of the secure access service to a secure access service center after authentication succeeds. The method and the system can provide comprehensive network security protection for broadband users and protect the security of their networks and data.

Description

A method and system for virtual dial-up secure access
Technical field
The present invention relates to the field of Internet technology, and in particular to a virtual dial-up secure access method and system based on traffic diversion and on-demand protection in a metropolitan area network.
Background technology
Unified Threat Management (UTM) refers to a dedicated device composed of hardware, software and networking technology that provides one or more security functions. It integrates multiple security features into a single hardware device and forms a standard management platform. A typical UTM product integrates many commonly used security functions such as firewall, anti-virus, IPS and anti-spam; users can choose a UTM device with the full set of functions or select only the functions they need. UTM products give users a more flexible and more manageable option. Users can build their own security infrastructure on a more unified architecture, and problems that used to trouble them, such as getting separate security products to work together, are greatly alleviated.
L2TP is a Layer 2 tunneling protocol based on the Point-to-Point Protocol (PPP). It allows users and telecommuters to connect to their company's intranet or extranet. A VPN built with L2TP has two types of server. One is the L2TP Access Concentrator (LAC), which initiates the L2TP tunnel; the LAC is generally a network access server that provides network access to users. The other is the L2TP Network Server (LNS), which terminates the tunnel.
The Internet in China has now entered the broadband era. The number of network users and the volume of Internet resources keep growing, and China's Internet industry has taken shape and is developing rapidly. However, the security risks brought by the openness of the Internet and the complexity of application systems are growing as well. Vulnerabilities in information systems are one of the main root causes of security threats, and malicious code has become an important means for attackers to compromise user hosts, build botnets, steal users' important information and use the compromised computers to launch large-scale attacks. Attacks are increasingly sophisticated, and targeted, specialized attacks that combine several techniques make network defense more difficult. In addition, rampant spam is more and more closely combined with viruses, Trojans and the like, causing serious security problems for ordinary Internet users.
At present, most broadband users in China are virtual dial-up users, but their security capabilities are generally weak and they cannot take effective measures to secure their network terminals. Domestic operators provide secure access mainly in the following ways:
1. Configuring ACLs on metropolitan area network equipment to implement simple restrictions on IP addresses and TCP ports.
2. Some access service providers offer managed firewall services to their customers, but these are limited to firewall functionality.
3. Some of the security protection services already launched can currently provide only content filtering.
Therefore, no secure access service with comprehensive protection, including anti-virus, firewall, IPS and anti-spam, is available at present.
Summary of the invention
In view of this, and in response to the current state of Internet security and the security needs of broadband users, the present invention proposes a virtual dial-up secure access method and system based on traffic diversion and on-demand protection in a metropolitan area network, providing broadband users with a comprehensive network security protection service and protecting the security of their networks and data.
To this end, in the virtual dial-up secure access method provided by the invention, a broadband access server (BAS), an authentication, authorization and accounting (AAA) system and a secure access service center are provided in the access network system, and the method comprises:
The user terminal sends an authentication request for Internet access;
After the user's authentication request reaches the BAS in the access network, the BAS forwards it to the AAA system. The AAA system uses the domain name in the user's authentication request to query the stored correspondence between domain names and access modes and selects the corresponding access mode. If the access mode is ordinary broadband access, the access network handles the user's traffic normally in ordinary broadband access mode after authentication succeeds; if it is secure broadband access, the access network steers and aggregates the traffic of users of the secure access service to the secure access service center after authentication succeeds.
Optionally, in this method, for ordinary broadband access the following further takes place after authentication succeeds: the AAA system assigns an IP address to the user directly and returns this IP address to the BAS.
Optionally, in this method the secure access service center comprises Layer 2 Tunneling Protocol (L2TP) network server (LNS) equipment and unified threat management (UTM) equipment;
For secure broadband access, the following further takes place after authentication succeeds: the AAA system returns rate-limit and tunnel information to the BAS, and the BAS establishes an L2TP tunnel with the LNS equipment according to the returned rate-limit and tunnel information;
The LNS equipment sends a second authentication request to the AAA system. Based on the pre-stored correspondence between the account information in user authentication requests and security policies, the AAA system returns the address pool corresponding to the security policy to the LNS; the LNS assigns the user an IP address from that address pool and returns it to the BAS;
The UTM equipment determines the specific customized security policy from the IP address and the locally stored correspondence between user IP addresses and security policies, and applies that security policy to the user.
Optionally, in this method, when more than one UTM device is deployed, the secure access service center further comprises a load-balancing device for balancing the traffic distributed to each UTM device.
Optionally, in this method the content of the second authentication request is identical to that of the Internet access authentication request sent by the user terminal.
Optionally, in this method the correspondence between IP addresses and security policies is a one-to-one correspondence between an IP address and a security policy, or a one-to-one correspondence between an IP address range and a security policy.
Optionally, in this method the authentication request contains an account name, a password and a domain name.
Optionally, in this method, before the user terminal sends the authentication request for Internet access, the user selects the access mode, and the user terminal fills in the domain name corresponding to that access mode when generating the authentication request.
To the same end, the present invention also provides an access network system implementing virtual dial-up secure access, comprising: a broadband access server (BAS), an authentication, authorization and accounting (AAA) system and a secure access service center;
The BAS is used to forward the user's authentication request for Internet access to the AAA system after receiving it, and to establish an L2TP tunnel with the LNS equipment according to the rate-limit and tunnel information returned by the AAA system;
The AAA system is used to query the stored correspondence between domain names and access modes using the domain name in the user's authentication request and to select the corresponding access mode. If the access mode is ordinary broadband access, the access network handles the user's traffic normally in ordinary broadband access mode after authentication succeeds; if it is secure broadband access, the access network steers and aggregates the traffic of users of the secure access service to the secure access service center after authentication succeeds.
Optionally, in this system the secure access service center comprises: Layer 2 Tunneling Protocol (L2TP) network server (LNS) equipment and unified threat management (UTM) equipment;
After determining that the access mode is secure broadband access, the AAA system also returns rate-limit and tunnel information to the BAS;
The LNS equipment is used to send a second authentication request to the AAA system after authentication has succeeded and the access mode has been determined to be secure broadband access. Based on the pre-stored correspondence between the account information in user authentication requests and security policies, the AAA system returns the address pool corresponding to the security policy to the LNS; the LNS assigns the user an IP address from that address pool and returns it to the BAS, and the BAS returns it to the user terminal;
The UTM equipment is used to determine the specific customized security policy from the IP address and the locally stored correspondence between user IP addresses and security policies, and to apply that security policy to the user.
Optionally, in this system, when more than one UTM device is deployed, load-balancing devices are also placed in front of and behind the UTM equipment to balance the traffic distributed to each UTM device.
Optionally, in this system, for ordinary broadband access the AAA system is also used to assign an IP address to the user and return this IP address to the BAS.
As can be seen from the above, the virtual dial-up secure access method and system provided by the invention address the need for traffic diversion and on-demand protection in a metropolitan area network, use UTM and L2TP technology, and carry the access mode information in the domain name. They have the following advantages and effects:
1) Easy to implement
The invention takes full account of the characteristics of carrier networks. The traffic of a distributed user population is steered and aggregated to a centralized security service center, giving a system model with centralized, unified deployment and distributed service provision, which makes the solution very easy to implement.
2) The service is easy to use and does not affect the user's existing network or systems
The invention only requires UTM equipment to be deployed on the operator's network side. The customer premises network needs no adjustment and no software needs to be installed. Changing only the domain name of the account switches freely between ordinary broadband access and secure broadband access without affecting the user's normal use, so the service is very easy to use.
3) Comprehensive functionality with on-demand protection
The invention provides comprehensive functionality, including security functions such as firewall, anti-virus, anti-spam and IPS. The individual security function modules can be freely combined, so that a multi-level secure access service can be provided according to user needs.
4) Low investment, convenient deployment, easy management and operation
The invention requires minimal changes to the existing network. Only a centralized secure access service center needs to be built, and the configuration of the existing AAA server and egress router needs partial modification, in order to provide the secure access service to a distributed user population. The invention therefore features low investment, convenient deployment, easy management and easy operation.
Description of drawings
Fig. 1 is a schematic diagram of the system network architecture of an embodiment of the invention;
Fig. 2 is a schematic diagram of the secure broadband access authentication procedure of an embodiment of the invention.
Embodiment
To make the object, technical solution and advantages of the invention clearer, the invention is described in further detail below in conjunction with specific embodiments and with reference to accompanying drawing 2.
In the virtual dial-up secure access method and system proposed by the invention, a secure access service center is provided in the access network, and the access procedure mainly comprises the following steps: the user terminal sends an authentication request for Internet access; after the user's authentication request reaches the broadband access server (BAS) in the access network, the BAS forwards it to the authentication, authorization and accounting (AAA) system; the AAA system uses the domain name in the user's authentication request to query the stored correspondence between domain names and access modes and selects the corresponding access mode. If the access mode is ordinary broadband access, the access network handles the user's traffic normally in ordinary broadband access mode after authentication succeeds; if it is secure broadband access, the access network steers and aggregates the traffic of users of the secure access service to the secure access service center after authentication succeeds.
The secure access service center in the preferred embodiment of the invention is implemented with UTM and L2TP technology. A shared networking scheme is adopted: unified threat management (UTM) equipment is deployed centrally on the access network side, the traffic of users of this service is steered to the UTM equipment based on a user identifier, and the user's inbound and outbound traffic is monitored and filtered according to predefined security policies, thereby protecting the user's network.
The network architecture of the invention is shown in accompanying drawing 1. A virtual dial-up user 101 accesses the Internet through a metropolitan area network serving as the access network. Layer 2 Tunneling Protocol (L2TP) network server (LNS) equipment 104 and UTM equipment 105 are placed inside the metropolitan area network. In addition, when more than one UTM device 105 is deployed, load-balancing devices are placed in front of and behind the UTM equipment 105 to balance the traffic distributed to each UTM device.
In the embodiment of the invention, the LNS equipment 104 terminates the secure-access PPP dial-up connections coming from the metropolitan area network broadband access server (BAS) 102. On the router 106a between the Internet and the metropolitan area network, a static route must be configured so that traffic arriving from the Internet for users of the secure access service is routed back to the UTM equipment 105.
The virtual dial-up user 101 can switch freely between ordinary broadband access and secure broadband access by changing the domain name of the dial-up account. User traffic is diverted as follows:
A dial-up request for ordinary broadband access is sent through the BAS 102 to the authentication, authorization and accounting (AAA) system 103. After the AAA system 103 authenticates it successfully, the BAS 102 assigns an IP address and the user accesses the Internet directly over the ordinary Internet traffic path (shown by the dotted line in the figure).
A secure broadband access request is sent through the BAS 102 to the AAA system 103. After authentication succeeds, an L2TP tunnel is established with the LNS equipment 104, the LNS equipment 104 assigns a dedicated IP address, and the user accesses the Internet via the UTM equipment 105 (the path shown by the solid line in the figure). Return traffic is filtered by the UTM equipment 105 and then sent back to the user's network along the same path (the path shown by the solid line in the figure).
With reference to the system structure shown in Fig. 1, the flow of the virtual dial-up secure access method of the embodiment of the invention is shown in accompanying drawing 2 and comprises the following procedures.
1) User dialing procedure:
Step 201: when dialing, the user decides whether to use secure broadband access or ordinary broadband access by selecting the domain name. The two access modes use the same account and password and essentially the same dialing procedure. The client needs no extra configuration; changing the domain name is enough to switch freely between secure broadband access and ordinary broadband access.
The virtual dial-up procedure on the user side is as follows:
The user starts the dial-up client software;
The user enters the full account name and the password in the account and password fields and the domain name in the domain field. The user may type the domain name corresponding to the desired access mode, or the client software may prompt the user to choose between secure access and ordinary broadband access and then fill in the corresponding domain name in the domain field automatically according to the user's choice;
After confirming, the user can dial. An authentication request containing the account name, password and domain name is sent to the network.
2) Secure access authentication procedure:
To implement secure broadband access authentication, addresses or address ranges that correspond one-to-one with the different security policies must be defined in advance. Specifically, IP address pools are configured on the LNS, and the correspondence between user IP addresses (or ranges) and security policies is configured on the UTM equipment. Here, a security policy means one of the security functions provided by the UTM equipment, or a combination of them, for example firewall, anti-virus, anti-spam or IPS, or any combination of these functions.
Step 202: after the user's authentication request reaches the BAS of the metropolitan area network, the BAS forwards it to the back-end RADIUS server of the AAA system. The back-end RADIUS server uses the domain name in the user's authentication request to query the stored correspondence between domain names and access modes and selects the corresponding access mode, that is, ordinary broadband access or secure broadband access, and at the same time authenticates the user's account name and password. For ordinary broadband access, an IP address is assigned to the user directly after authentication succeeds and returned to the BAS. For secure broadband access, after authentication succeeds the back-end RADIUS server returns rate-limit and tunnel information to the BAS, the BAS establishes an L2TP tunnel with the LNS equipment according to the returned rate-limit and tunnel information, and the flow proceeds to step 203.
Step 203: after the L2TP tunnel has been established, the LNS equipment sends a second authentication request to the back-end RADIUS server. The content of this request may be identical to that of the first authentication request, but attributes such as the account and password need not be verified again in this round. Based on the correspondence between the account information in the user's authentication request and security policies, the RADIUS server returns the address pool corresponding to the security policy to the LNS. The LNS assigns the user an IP address from that address pool and returns it to the BAS, and the BAS returns it to the user terminal.
Step 204: the UTM equipment determines the specific customized security policy from the IP address and the locally stored correspondence between user IP addresses (or ranges) and security policies, which is consistent with the correspondence stored in the AAA system, and applies that security policy to the user.
After this, traffic sent from the Internet to the user terminal is steered and aggregated to the UTM equipment. After the corresponding security policy has been applied, it is routed back to the LNS equipment, returned to the BAS through the L2TP tunnel, and then returned to the user terminal.
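Steps 202 to 204 can be modelled in a few lines. The following is an added example, not code from the patent: it simulates the domain-based mode selection, the second authentication that returns an address pool, the UTM lookup by IP address, and a check that the LNS pools and the UTM table agree. The account@domain user name format and every domain, account, policy name, address pool and tunnel value are constructed assumptions.

```python
import hmac
import ipaddress

# Constructed sample data; every name and value below is an assumption.
REALM_TO_MODE = {"isp.example": "common", "safe.isp.example": "secure"}
ACCOUNTS = {
    "alice": {"password": "correct-horse", "policy": "firewall+antivirus"},
    "bob": {"password": "battery-staple", "policy": "firewall+antivirus+ips"},
}
COMMON_POOL = "100.64.0.0/24"
POLICY_TO_POOL = {  # AAA view: security policy -> LNS address pool
    "firewall+antivirus": "10.10.0.0/24",
    "firewall+antivirus+ips": "10.10.1.0/24",
}
UTM_RANGE_TO_POLICY = {  # UTM's local table; must stay consistent with the AAA view
    "10.10.0.0/24": "firewall+antivirus",
    "10.10.1.0/24": "firewall+antivirus+ips",
}
TUNNEL_INFO = {"lns": "lns1.isp.example", "rate_limit_kbps": 4096}


class Allocator:
    """Hands out host addresses from CIDR pools, one at a time."""

    def __init__(self):
        self._iters = {}

    def allocate(self, cidr):
        it = self._iters.setdefault(cidr, ipaddress.ip_network(cidr).hosts())
        return str(next(it))


def split_username(username):
    """Split 'account@domain' (assumed format) into its two parts."""
    account, sep, realm = username.rpartition("@")
    if not sep or not account or not realm:
        raise ValueError("expected account@domain")
    return account, realm.lower()


def first_auth(username, password, alloc):
    """Step 202 (BAS -> AAA): verify credentials, pick the mode by domain."""
    try:
        account, realm = split_username(username)
    except ValueError:
        return {"result": "reject", "reason": "malformed user name"}
    mode = REALM_TO_MODE.get(realm)
    record = ACCOUNTS.get(account)
    stored = record["password"] if record else ""
    ok = record is not None and hmac.compare_digest(
        stored.encode(), password.encode())
    if mode is None or not ok:
        return {"result": "reject", "reason": "unknown domain or bad credentials"}
    if mode == "common":
        return {"result": "accept", "mode": mode,
                "ip": alloc.allocate(COMMON_POOL)}
    return {"result": "accept", "mode": mode, "tunnel": dict(TUNNEL_INFO)}


def second_auth(username):
    """Step 203 (LNS -> AAA): no password check, return the policy's pool."""
    account, _ = split_username(username)
    return POLICY_TO_POOL[ACCOUNTS[account]["policy"]]


def utm_policy_for(ip, table=UTM_RANGE_TO_POLICY):
    """Step 204: the UTM maps the user's address to a policy, or None."""
    addr = ipaddress.ip_address(ip)
    for cidr, policy in table.items():
        if addr in ipaddress.ip_network(cidr):
            return policy
    return None


def find_mismatches(policy_to_pool=POLICY_TO_POOL, table=UTM_RANGE_TO_POLICY):
    """List LNS pools that no UTM range with the same policy fully covers."""
    problems = []
    for policy, cidr in policy_to_pool.items():
        pool = ipaddress.ip_network(cidr)
        covered = [ipaddress.ip_network(c) for c, p in table.items() if p == policy]
        if not any(pool.subnet_of(net) for net in covered):
            problems.append(f"pool {cidr} ({policy}) has no matching UTM range")
    return problems


def connect(username, password, alloc):
    """Run steps 202-204 end to end for one dial-up attempt."""
    reply = first_auth(username, password, alloc)
    if reply["result"] != "accept" or reply["mode"] == "common":
        return reply
    ip = alloc.allocate(second_auth(username))
    policy = utm_policy_for(ip)
    if policy is None:  # fail closed: never pass a secure-mode user unfiltered
        return {"result": "reject", "reason": f"no UTM policy for {ip}"}
    return {"result": "accept", "mode": "secure", "ip": ip,
            "policy": policy, "tunnel": reply["tunnel"]}


if __name__ == "__main__":
    print(connect("alice@safe.isp.example", "correct-horse", Allocator()))
    print(find_mismatches())
```

Running find_mismatches against the deployed LNS pools and UTM table before a configuration change goes live catches the case where a subscriber would receive an address that the UTM maps to no policy or to the wrong one.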
The specific embodiments described above are merely specific embodiments of the invention and do not limit the invention. Any modification, equivalent replacement, improvement and the like made within the spirit and principles of the invention shall fall within the scope of protection of the invention.

Claims (10)

1. A method for virtual dial-up secure access, characterized in that a broadband access server (BAS), an authentication, authorization and accounting (AAA) system and a secure access service center are provided in the access network system, the secure access service center comprising Layer 2 Tunneling Protocol (L2TP) network server (LNS) equipment and unified threat management (UTM) equipment; the method comprises:
The user terminal sends an authentication request for Internet access;
After the user's authentication request reaches the BAS in the access network, the BAS forwards it to the AAA system; the AAA system uses the domain name in the user's authentication request to query the stored correspondence between domain names and access modes and selects the corresponding access mode; if the access mode is ordinary broadband access, the access network handles the user's traffic normally in ordinary broadband access mode after authentication succeeds; if it is secure broadband access, after authentication succeeds the AAA system returns rate-limit and tunnel information to the BAS, and the BAS establishes an L2TP tunnel with the LNS equipment according to the returned rate-limit and tunnel information; the LNS equipment sends a second authentication request to the AAA system; based on the pre-stored correspondence between the account information in user authentication requests and security policies, the AAA system returns the address pool corresponding to the security policy to the LNS; the LNS assigns the user an IP address from that address pool and returns it to the BAS; the UTM equipment determines the specific customized security policy from the IP address and the locally stored correspondence between user IP addresses and security policies, and applies that security policy to the user;
The access network steers and aggregates the traffic of users of the secure access service to the secure access service center.
2. The method according to claim 1, characterized in that, for ordinary broadband access, the following further takes place after authentication succeeds: the AAA system assigns an IP address to the user directly and returns this IP address to the BAS.
3. The method according to claim 2, characterized in that, when more than one UTM device is deployed, the secure access service center further comprises a load-balancing device for balancing the traffic distributed to each UTM device.
4. The method according to claim 2, characterized in that the content of the second authentication request is identical to that of the Internet access authentication request sent by the user terminal.
5. The method according to claim 2, characterized in that the correspondence between IP addresses and security policies is a one-to-one correspondence between an IP address and a security policy, or a one-to-one correspondence between an IP address range and a security policy.
6. The method according to claim 1, characterized in that the authentication request contains an account name, a password and a domain name.
7. The method according to claim 1, characterized in that, before the user terminal sends the authentication request for Internet access, the user selects the access mode, and the user terminal fills in the domain name corresponding to that access mode when generating the authentication request.
8. An access network system implementing virtual dial-up secure access, characterized in that the system comprises: a broadband access server (BAS), an authentication, authorization and accounting (AAA) system and a secure access service center; the secure access service center comprises: Layer 2 Tunneling Protocol (L2TP) network server (LNS) equipment and unified threat management (UTM) equipment;
The BAS is used to forward the user's authentication request for Internet access to the AAA system after receiving it, and to establish an L2TP tunnel with the LNS equipment according to the rate-limit and tunnel information returned by the AAA system;
The AAA system is used to query the stored correspondence between domain names and access modes using the domain name in the user's authentication request and to select the corresponding access mode; if the access mode is ordinary broadband access, the access network handles the user's traffic normally in ordinary broadband access mode after authentication succeeds; if it is secure broadband access, the AAA system returns rate-limit and tunnel information to the BAS after authentication succeeds;
The LNS equipment is used to send a second authentication request to the AAA system after authentication has succeeded and the access mode has been determined to be secure broadband access; based on the pre-stored correspondence between the account information in user authentication requests and security policies, the AAA system returns the address pool corresponding to the security policy to the LNS; the LNS assigns the user an IP address from that address pool and returns it to the BAS, and the BAS returns it to the user terminal;
The UTM equipment is used to determine the specific customized security policy from the IP address and the locally stored correspondence between user IP addresses and security policies, and to apply that security policy to the user; the access network steers and aggregates the traffic of users of the secure access service to the secure access service center.
9. The system according to claim 8, characterized in that, when more than one UTM device is deployed, load-balancing devices are also placed in front of and behind the UTM equipment to balance the traffic distributed to each UTM device.
10. The system according to claim 8, characterized in that, for ordinary broadband access, the AAA system is also used to assign an IP address to the user and return this IP address to the BAS.
CN2009101485263A 2009-06-26 2009-06-26 Method and system for virtual dial-up safe access Active CN101599904B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN2009101485263A CN101599904B (en) 2009-06-26 2009-06-26 Method and system for virtual dial-up safe access

Publications (2)

Publication Number Publication Date
CN101599904A CN101599904A (en) 2009-12-09
CN101599904B true CN101599904B (en) 2012-06-27

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant